RB2 : Risky Business 2 show

Summary: Events, presentations, interviews...

Podcasts:

 SPONSOR INTERVIEW: Using BYOD devices for 3G/LTE exfiltration | File Type: audio/mpeg | Duration: Unknown

Datacom TSS is a Canberra-based, national security firm founded by ex Australian government security specialists. These guys specialise in dealing with highly skilled adversaries. One of their services is running some pretty intense Red Team exercises. The team at Datacom TSS recently ported its Red Team Trojan over to the Android platform, and it's surprisingly easy to trick people into installing it. You just email it to them and ask them to install the APK package. Read more: http://risky.biz/markbrand

 PRESENTATION: Charlie Miller pwns Android NFC | File Type: audio/mpeg | Duration: Unknown

Some time ago security researcher Charlie Miller published some research that showed he could take over NFC-equipped phones just by holding them near a malicious RFID sticker. This talk takes you through his research process -- how he fuzzed devices, what he found… and how he came to realise that attacking the higher level functions of NFC functionality turned out to be the shortest path to victory.

 SPONSOR INTERVIEW: Security investment in Silicon Valley | File Type: audio/mpeg | Duration: Unknown

In this sponsor interview we chat with Casey Ellis, the founder of BugCrowd. BugCrowd is an Australian business, but Casey is currently in the USA where the appetite for information security investment opportunities is apparently hitting fever pitch. In this interview I ask him how one might get started off on the path to massive phatcash through their cybersecurity startup.

 PRESENTATION: HD Moore's AusCERT plenary | File Type: audio/mpeg | Duration: Unknown

The following is a recording of HD Moore's AusCERT plenary, all about the research he's done scanning the entire Internet. HD is one of the smartest guys in the business, and it's a great talk. But you might actually need to slow it down a bit, because I don't think I've ever encountered anyone in my life who can speak as fast as HD does. He sometimes speaks at a pace that is faster than my ability to comprehend what he's saying. But as I say, it's a great talk -- it's called Global Vulnerability Analysis.

 SPONSOR INTERVIEW: Are bug bounties more effective than pentesting? | File Type: audio/mpeg | Duration: Unknown

In this sponsor interview we chat with Casey Ellis, the founder of BugCrowd. When Casey co-founded the business the idea was simple -- the company would host outsourced bug bounty programs for clients that didn't have the expertise to run their own. As some of you may know, the idea really took off, but what no one expected was for BugCrowd's registered testers to do a better job than many penetration testing teams. Read more: http://risky.biz/bountyvpentest

 PRESENTATION: BYOD in government, a high level talk | File Type: audio/mpeg | Duration: Unknown

The following is a recorded presentation from AusCERT. It's by Al Blake, the Chief Information Officer of the Department of Sustainability, Environment, Water, Population and Communities. In it he talks about BYOD, basically, from an Australian government perspective. It's not an overly technical talk, but it is a good overview of what a CIO like him has to consider when allowing staff to use their own devices in a heavily regulated environment.

 SPONSOR INTERVIEW: Paul Ducklin on code signing cert pinning | File Type: audio/mpeg | Duration: Unknown

In this sponsor interview we chat with Paul Ducklin of Sophos about trends in code signing technology designed to combat malware. During the great "SSL wars" of 2011, when hackers like Comodohacker went cyber-berserk owning CAs and minting their own certificates for sites like Gmail and Facebook, valuable lessons were learned. It's becoming the norm for browsers to pin certs for well known websites... and now this same approach to certificate sanity checking is finding its way into code signing checks. Read more: http://risky.biz/ducklincert

 PRESENTATION: AusCERT opening keynote with Google's Michael Jones | File Type: audio/mpeg | Duration: Unknown

We're kicking off our AusCERT 2013 coverage today with the conference's opening keynote by Michael Jones, Google's chief technology advocate. He's charged with advancing technology to organise the world's information and make it universally accessible and useful. Michael has worked as chief technologist of Google Maps, Earth, was the CTO of Keyhole Corporation, the company that developed the technology behind Google Earth and was also CEO of Intrinsic Graphics, and was director of advanced graphics at Silicon Graphics. Read more: http://risky.biz/michaeljones

 INTERVIEW: Sniffing USB firmware with FaceDancer | File Type: audio/mpeg | Duration: Unknown

This podcast is an interview I did at the Breakpoint security conference with security researcher Travis Goodspeed. He's come up with a hardware device called FaceDancer that allows him to capture USB device firmware by emulating the devices. What can you do with that? Well, you can start messing with those devices, loading up custom firmware, and even use modified USB devices to attack hosts.

 INTERVIEW: Musclenerd on Qualcomm baseband hacking | File Type: audio/mpeg | Duration: Unknown

This podcast is an interview with Eric "Musclenerd" McDonald. Eric is a renowned iPhone jailbreaker and as such has a very detailed understanding of smartphone platforms. His talk at Ruxcon Breakpoint was all about the security of baseband chipsets. If you follow this stuff you might know that the baseband chipsets in these smartphones -- which handle all the basic communications functions of the phones -- are actually quite sophisticated. And where there's sophistication, there are potential problems. Read more: http://risky.biz/netcasts/breakpoint/interview-musclenerd-qualcomm-baseband-hacking

 INTERVIEW: Barnaby Jack on hacking implantable medical devices | File Type: audio/mpeg | Duration: Unknown

This podcast is an interview I did with Barnaby Jack, a security researcher with IOActive. Barnes is probably best known for his work on ATM security. He famously "jackpotted" an ATM live on stage at BlackHat in 2010, but if he were to do a live demo of his latest research he'd probably wind up in prison. Read more: http://risky.biz/barnaby_breakpoint

 SPONSOR INTERVIEW: Pcap analysis in the cloud | File Type: audio/mpeg | Duration: Unknown

All our coverage of the Breakpoint security conference was made possible by our sponsor PacketLoop. PacketLoop is a new Australian business that applies big data analysis techniques to your packet captures... you can visualise your captures, drill down into them, and even spot successful 0day attacks against your organisation after the event -- that's a simple trick, that one, they just loop your packet captures through IPSs after the fact... when they get signature updates, they loop them through again. Hence the name, PacketLoop. Read more: http://risky.biz/baker

 INTERVIEW: Did Google dodge the Android pwnbullet? | File Type: audio/mpeg | Duration: Unknown

This podcast is an interview I did with Accuvant's Joshua Drake, aka jduck. His Breakpoint presentation was on the topic of Android security. As regular listeners of the Risky Business podcast would know, we're pretty much convinced Android was rushed to market -- it was insecure, immature, way too open and a big, glaring risk to its users. Combine that with the inherent problems with the Android ecosystem and you had a recipe for disaster. Read more: http://risky.biz/jduck

 DEBATE: AusCERT speed debate 2012 | File Type: audio/mpeg | Duration: Unknown

The following is the closing session from AusCERT's 2012 conference, the speed debate. It's a chance to have a bit of a laugh at all things security and it's hosted by ABC personality Adam Spencer. Enjoy!

 SPONSOR PODCAST: Why do we expect users to make good decisions? | File Type: audio/mpeg | Duration: Unknown

At AusCERT last week I caught up with Phil Piotrowski, a threat researcher with Sophos, as well as Rob Forsyth, a director of Sophos here in Australia. Read more: http://risky.biz/phil_rob
